Security Data Analytics Sr. Manager - Hybrid

Large entertainment and movie studio in West Los Angeles is looking to hire a

• Experience managing similar teams and working within data set systems required, Splunk is ideal but other platforms like Azure are okay.
• Potential to extend or go FTE is likely but not guaranteed
• Must come onsite in 3x/week.

• Provide technical and team leadership to a team of data engineers. You’ll split your time between removing technical obstacles for your team, vetting their designs, and coaching them to realize their full potential, while also building things yourself.
• Be a subject matter expert in big data analytics (Splunk/PowerBI/Tableau)
• Oversee the implementation of new analytic techniques and technologies to provide insight into threats to the company and tool and process effectiveness
• Oversee correlation of multiple data sources to present an effective measurement of the company's global risk
• Oversee basic programming and development of scripts in support of the data analytics team
• Design, document, and implement a repeatable data onboarding process
• Responsible for ensuring routine (daily, weekly, monthly, quarterly) reports are accurate and produced on time
• Responsible for insuring data health of all critical data systems
• Provide expert level technical advice to the InfoSec team
• Meeting with stakeholders across teams to determine data workflows and documentation
• Managing Workload – Manages multiple tasks, with the ability to deal with ambiguity and shifting priorities
• Some travel may be required

• Expert level knowledge of Splunk (essential)
• Data Analytic approaches and concepts
• Pattern Analysis
• Trend identification
• Cluster analysis
• Predictive Analysis
• Diagnostic Analysis

• Interpreting, searching, and manipulating data within enterprise logging solutions (essential)
• Working with network, host, and user activity data, and identifying anomalies (essential)
• Information security, client/server architectures, and networking (essential)
• Current and evolving cyber threat landscape (essential)
• Threat intelligence and applied use within incident response and forensic investigations (essential)
• Understanding of attack techniques (essential)
• Programming and scripting to support data analysis (essential)
• Multilayer security architectures and controls (desirable)
• Application architecture (mainframes, databases, web, middleware, virtual) (desirable)
• Vulnerability analysis (desirable)
• Training & Awareness through Phishing Simulation (desirable)

• Information Security certification (SSCP, CISSP, CISM, etc.)
• Incident and Forensic Security certification (GMON / GCIH, etc.)
• Ethical hacking certifications (CEH, etc.)
• Splunk Certified Architect

• Bachelor’s degree or equivalent working experience
• SIEM Certification (Splunk, ArcSight, PowerBi, Etc.)
• 7+ years of experience in Data Analytics or Data Science
• 7+ years of experience in Security Operations and/or Security Engineering
• 3+ years leading a team or program
• 2+ years of experience in Incident Response and/or Cyber Threat
• 2+ years managing vendor relationships

• Big Data Tools: Splunk, PowerBi, ArcSight (essential)
• Ticketing Systems: ServiceNow / Jira / Archer (desirable)
• Endpoint Security Products: McAfee / Qualys / Symantec DLP / Window Event Logs / Linux Auditd/ Sysmon (essential)
• Network Security Products: PaloAlto, Cisco (essential)

• Logging strategies, formats, and best practices (essential)
• Data analytic techniques (essential)
• Reporting and Dashboard development and execution (essential)
• Cloud Environments (AWS, Azure, Google Cloud Platform, O365) (desirable)
• Hacker techniques, tools, and motivations
• Operating systems (Windows, OS X, Linux and UNIX) (essential)
• Network architecture (firewalls, routers, switches and load balancers) (essential)
• Security technologies (IDS/IPS, advanced endpoint protection, AV) (essential)
• Applicable data privacy laws (CCPA, CPRA, GDPR, etc.) (essential)

• Analyzing and onboarding various security logs (essential)
• Assessing technology deployment and/or environment for implementation of best practice and/or creative logging solutions to support InfoSec and business needs
• Excellent data analysis skills (essential)
• Experience supporting a SOC (Security Operations Center)
• Experience developing security use cases and alerting
• Problem solving with missing information while under pressure with short deadlines (essential)
• Indicator pivoting, tracking and analysis (essential)
• Ability to prioritize multiple tasks rapidly, formulate a plan, delegate tasks, respond quickly and communicate with customers and leadership (essential)
• Generating both technical and executive reports, dashboards, and briefings (essential)
• Working with and communicating with IT tool and solution owners (essential)

• Programming in one or more of the following: SPL, SQL, Python, ASM (desirable)
• Shell scripting in one or more of the following: Perl, Bash, PHP, WMI, PowerShell (desirable)

• Manage an offshore team (14 people)
• Ability to develop and communicate a team strategy
• Take on new responsibilities and influence others as needed to deliver consistent results
• Work in a global environment and manage issues across multiple locations
• Strong written & verbal communications skills
• Strong organizational and multi-tasking skills
• Pick up new skills through self-learning and on the job training
• Innovate and stay current on security technologies
• Attention to detail with flexibility in addressing changing requirements